package me.liuhui.mall.manager.service.security;

import cn.hutool.json.JSONUtil;
import lombok.extern.slf4j.Slf4j;
import me.liuhui.mall.common.base.vo.ResultVO;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.authentication.*;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

import static me.liuhui.mall.common.base.enums.VoCodeEnum.*;

@Slf4j
public class AuthenticationHandler implements AuthenticationFailureHandler, AccessDeniedHandler, AuthenticationEntryPoint, LogoutSuccessHandler {


    public AuthenticationHandler() {

    }




    @Override
    public void onAuthenticationFailure(HttpServletRequest httpServletRequest, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
        handleFailure(e, response);

    }


    @Override
    public void handle(HttpServletRequest httpServletRequest, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException {
        handleFailure(e, response);
    }


    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
        handleFailure(e, response);
    }

    @Override
    public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        handleSuccess(response);
    }


    private void handleSuccess(HttpServletResponse response) throws IOException {
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().print(JSONUtil.toJsonStr(ResultVO.success()));
    }

    private void handleFailure(Exception e, HttpServletResponse response) throws IOException {
        ResultVO resultVO;
        if (e instanceof CaptchaException) {
            resultVO = ResultVO.buildResult(CAPTCHA_ERROR);
        } else if (e instanceof LockedException) {
            resultVO = ResultVO.buildFailResult("账户被锁定，请联系管理员!");
        } else if (e instanceof CredentialsExpiredException) {
            resultVO = ResultVO.buildFailResult("密码过期，请联系管理员!");
        } else if (e instanceof AccountExpiredException) {
            resultVO = ResultVO.buildFailResult("账户过期，请联系管理员!");
        } else if (e instanceof DisabledException) {
            resultVO = ResultVO.buildResult(USER_STATUS_ERROR);
        } else if (e instanceof InsufficientAuthenticationException) {
            resultVO = ResultVO.buildResult(NOT_LOGGED_IN);
        } else if (e instanceof BadCredentialsException || e instanceof UsernameNotFoundException) {
            resultVO = ResultVO.buildResult(PASSWORD_ERROR);
        } else if (e instanceof AccessDeniedException) {
            resultVO = ResultVO.buildResult(NO_PERMISSION);
        } else {
            resultVO = ResultVO.buildFailResult(e.getMessage());
        }
        response.setContentType("application/json;charset=UTF-8");
        response.getWriter().print(JSONUtil.toJsonStr(resultVO));

    }

}
